Service providers receive login attempts from users wishing to gain access to sensitive information, such as bank accounts. Some users attempt to gain access to such information with credentials obtained fraudulently from a legitimate account holder.
Adaptive authentication techniques identify fraudulent users even though such users possess credentials to gain access to a legitimate user's account information. For example, each login attempt is received at the service provider at a particular time, and in many cases a fraudulent user will send login attempts at times outside of those expected by a service provider. Existing adaptive authentication techniques compare information associated with a login attempt received by the service provider, such as the time of the login and a location from where the login originated, with a historical record of a typical user who exhibits some expected login behavior. For example, if a high percentage of prior login attempts received by the service provider from a particular user occur between the hours of 6 AM and 11 PM daily and from locations within the continental United States, then login attempts between 2 AM and 4 AM from locations across Eastern Europe, have a high risk of being a fraudulent user.
Adaptive authentication techniques apply a challenge to such risky transactions, where the riskiness estimation arrives from a fraud/genuine classifier. The answer to the challenge (e.g., a pass/fail result) is used to improve the accuracy of the model within a supervised learning Bayesian methodology. Hence, challenges mostly affect the classification of the specific transaction that invoked the challenge. In addition, there is currently no automated mechanism for classifying previously untagged transactions.
A need therefore exists for classifying previously untagged transactions in an Adaptive Authentication system.